Technology Risk and Controls Lead - Portfolio of Applications

As a Tech Risk & Controls Lead within the Cybersecurity and Technology Controls (CTC) BISO (Business Information Security Officer) organization, you will serve as the trusted risk advisor for a portfolio of applications supporting Corporate functions.

In this role, you will provide subject matter expertise and technical guidance throughout the entire risk lifecycle, including the identification of risks, offering remediation guidance, risk registration, and risk reporting to key stakeholders such as Application Owners, CTOs, Chief Data Officers, and Business Control Managers.

You will be accountable for assessing and reporting a comprehensive view of the technology risk posture and its impact on the business.

Your advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape.

This position requires strong communication and stakeholder management skills, as well as the ability to influence and guide risk decisions at both strategic and operational levels.

Job Responsibilities:


* Serve as the primary risk advisor for a portfolio of applications supporting Corporate functions.


* Provide subject matter expertise and technical guidance to key stakeholders, including Application Owners, CTOs, Chief Data Officers, and Business Control Managers.


* Lead the risk lifecycle: including the identification, assessment, reporting and registration of technology risks, ensuring comprehensive risk coverage across the portfolio.


* Develop and deliver remediation guidance to address identified risks and support risk mitigation strategies.


* Prepare and present monthly risk posture report to stakeholders, offering a clear and comprehensive view of the technology risk posture and its impact on the business.


* Drive innovative solutions to manage and mitigate risks in a dynamic and evolving risk landscape.


* Leverage advanced knowledge of risk management principles, practices, and theories to influence and guide risk decisions at both strategic and operational levels.


* Maintain strong communication and stakeholder management skills to ensure alignment and effective risk governance.

Required Qualifications, Capabilities, and Skills


* Formal training or certification with 5-7 years of experience or equivalent expertise in technology, risk management, information security, or a related field, with a focus on technology risk identification, assessment, and control evaluation.


* Strong understanding of technology risk management frameworks and industry standards.


* Expertise and in depth knowledge in data, access and vulnerability management.


* Experience in performing technology risk and control assessment for AI/ML solutions.


* Proven ability to analyze complex issues, develop and implement risk mitigation strategies, and communicate effectively with senior stakeholde...